I’ve got my client running on AcmeV2 finally - thank you all for the help so far!
I have one outstanding question which I can’t seem to figure out. I think this may be an artifact from testing against pebble and having some options set (or failing to reset the server), but I’d like to clarify.
If the status is valid, it means that the challenge is already fulfilled. You don't need to do anything.
By sending an empty string (""), you are not actually doing anything. You are in fact just doing a POST-as-GET operation - semantically equivalent to just GET'ing the challenge resource in ACME v1.
(sigh) I regretted basing my client on acme-tiny before. I regret it so much more now - there have been too many "lazy" details in it which have caused me issues over the years.
You can create a new order, and in return immediately see an order status of ready.
This means that all of the order's authorizations are already valid - and you can immediately finalize the order.
In that case, you don't even need to loop over the authorizations.
But otherwise, yes, if you encounter an authorization that is valid, then you just move onto the next one.
Do you mean for an authorization?
I think maybe it's possible? For example, the authorization resource might be deactivated but one of its challenges might still be presented as valid.
But such a scenario has never presented itself to me when writing ACME clients tbh. I've always just responded to the challenge, confirmed that its status is valid (by polling until we hit valid, invalid or give up after some time), and assumed that the authorization has transitioned to the valid state as well.
Even if that assumption is violated, an error is going to occur at finalization anyway, so it doesn't really seem to matter in the end.